Getting 401 from ajax using an application password

You should use cookie based authentication instead of basic auth. Delete the basic auth/application password authentication code.

Follow the cookie authentication example that creates a post via the REST API from the REST API handbook:

https://developer.wordpress.org/rest-api/using-the-rest-api/authentication/#cookie-authentication

  1. Create a valid nonce for use in your AJAX requests in PHP wp_create_nonce( 'wp_rest' ) as the docs tell you to
  2. Add a beforeSend to your AJAX call like the docs suggest that adds the nonce in a HTTP header:
    beforeSend: function ( xhr ) {
        xhr.setRequestHeader( 'X-WP-Nonce', your_nonce_variable );
    },
  1. Make the request while logged into the site from the same domain

Related Posts:

  1. How to: Make JWT-authenticated requests to the WordPress API
  2. WordPress Rest API: How do we validate with our custom API key?
  3. How to Authenticate WP REST API with JWT Authentication using Fetch API
  4. authentication issue with rest api – rest_cannot_create
  5. Can I authenticate with both WooCommerce consumer key and JWT?
  6. WP REST API: check if user is logged in
  7. How to login to WordPress site using basic authentication HTTP headers?
  8. Can we access the REST request parameters from within the permission_callback to enforce a 401 by returning false?
  9. WordPress REST API “rest_authentication_errors” doesn’t work external queries?
  10. Can’t GET draft posts via REST API from headless frontend
  11. Create Session with JWT
  12. WP REST API GET Requests require authentication
  13. current_user_can(‘administrator’) returns false when I’m logged in
  14. Authenticating with REST API
  15. Make authorization mandatory on custom routes
  16. WP REST API – Nonce passes wp_verify_nonce even after logout
  17. How to force JWT auth for default GET endpoints of WordPress rest api?
  18. REST API: best place to set current user for JWT auth?
  19. WordPress + REST API v2 and private pages Load by slug
  20. REST API authentication for a plugin
  21. PHP: authenticate for a REST request?
  22. Rest API basic auth not working
  23. Authenticate current user to REST API
  24. Rest API: wp_verify_nonce() fails despite receiving correct nonce value
  25. How to connect android app with WordPress website?
  26. WordPress REST API calls that depend on the WordPress User
  27. WordPress HTTP API NTLM Authentication
  28. Advanced Access Manager: RESTful endpoint to refresh token
  29. Best Authetication between REST API and Mobile App
  30. Log in user using WordPress REST API
  31. Secure WordPress API, how?
  32. wp_nonce vs jwt
  33. register/login api
  34. How can I secure my custom rest api endpoint or add under a already existing rest group
  35. Register rest field authentication with REST API
  36. REST API Integration without user account?
  37. WP REST API with Basic Auth at target website
  38. Cant POST with REST API on WordPress
  39. REST API – Authentication/Logon security
  40. custom REST endpoints and application passwords
  41. wordpress rest api authentication failed
  42. Is the WordPress REST API installed and enabled in a vanilla WordPress 4.7 installation?
  43. check the requesting url
  44. WP REST API Require Password for GET Endpoint
  45. WP REST API V2 – Retrieve sub page by full slug (URL/Path)
  46. How to check WordPress website username and password is correct
  47. How to build a plugin that supports authenticated POST requests to the REST API from external servers?
  48. How to use the WP REST API for new user registration (sign up form)?
  49. Adding post fields in wp-json/wp/v2/search
  50. Unable to get the info of the user which doesn’t have created any post via REST API
  51. WordPress Gutenberg get page template value when post updated?
  52. How to update custom meta fields with rest api?
  53. Rest API and Custom Fields
  54. WordPress REST API, Expired Nonce from Cache results in 403 forbidden
  55. WP Rest API: Get User by Email
  56. Gutenberg Custom Block Getting All Posts
  57. Can we assume that /wp-json/ will always be /wp-json/ under any circumstances when creating custom REST routes?
  58. Passing a borrowed nonce through Postman fails
  59. How to hook into “register_rest_field” to modify the behavior of a custom field?
  60. Get all PDF files from page with WordPress API
  61. How to add / embed an author into REST data from a custom post type?
  62. How to enable the view of revisions of post in WordPress Api for custom post type?
  63. Problem on creating custom endpoints for REST
  64. Rest API code to get ID of current user not working: get_current_user_id() gives 0
  65. New user signup via REST API
  66. Ho to style post content for WordPress API?
  67. WP REST API can’t set post tags
  68. WP API post__not_in is not working
  69. Save default options as an array of options and display in REST API
  70. WordPress REST Api get posts by ID
  71. [Zapier + WP Webhooks Pro]: Custom Fields get cut off at first comma or semicolon
  72. Which route in the WP REST API do I access data passed into register_setting()?
  73. How to use Python to create a Post in WordPress?
  74. Send a get request to wordpress
  75. Replace content via rest api only?
  76. WP rest api endpoint protection using jwt token
  77. WP Rest API – Change response status code for failed validation request
  78. Unable to create a Rest end-point
  79. Can i fetch the list of pouplar posts of last 24 hours from WordPress API?
  80. WordPress Rest Api rest_cannot_edit
  81. how to create JSON array [] for REST response?
  82. Getting 401 unauthenticated error in WP Rest API revisions
  83. How to receive JSON payload from a digital device
  84. WordPress Custom Rest Api – How to get Image Url?
  85. Remote publishing using WP’s RetAPI // Issues with HTACCESS
  86. save_post hook error with REST API
  87. Connecting WordPress with an External API
  88. Users REST API not working?
  89. Using WordPress solely as a Backend – dealing with WP_SITEURL
  90. use WordPress Rest API to build a web application
  91. REST Request Post including meta/custom fields
  92. Why wp_set_password not working within a api endpoint?
  93. WordPress api returns distinct data
  94. Redefine REST API variables
  95. Where is the HTML content for my post in the API
  96. WordPress Rest API Escapes Returned URLs Forward Slash
  97. How can I set the default ‘orderby’ and ‘order’ parameters for a REST API call?
  98. What filtering is available for backbone.js?
  99. Login and register by API
  100. Woocommerce API for calling products by Category ID